Page 23 - Cyber Defense eMagazine April 2021 Edition

The primary production network is where users check their email, where connected devices may be
collecting data and, generally, where most network traffic flows. If management can be compromised on
this network, the chances and severity of a breach multiply exponentially, because management is exposed
to attacks from anyone who can connect to a vulnerable device.


          Without a separate management plane, crucial personnel and systems can get locked out or even taken over
          during disruptions and attacks, meaning longer, more impactful outages or a total meltdown. Even something
          as small as a fake download link leading to malware, for example, could open the door for malicious code,
          theft of data or long periods of downtime.


By using a separate network management connection to reach console ports, known as out-of-band (OOB)
management, network engineers or admins can reach any core or edge location in a network, whether
the production network is experiencing issues or not. This relatively easy-to-implement step can drastically
improve visibility into the status of connected devices and enable real-time issue resolution to prevent and
thwart cyber-attacks.


Establishing a separate line for network management

There are several options for implementing a separate connection for network management. For instance,
some may use a cable modem, while others may use a second Ethernet interface built on an entirely
separate network. However, the most flexible and scalable option is to use a 4G LTE cellular connection,
which can be made highly secure with several precautionary measures, like IPsec VPN tunnels and other
protocols. While it could take weeks to install something like an MPLS circuit for an independent management
plane, a cellular connection can be activated in hours from a remote location. This enables organizations
with multiple facilities to quickly set up separate connections and even equip them with smart capabilities like
proactive monitoring and alerts, automatic failover and near-instant remediation.

Because a separate network management plane is so easy to set up over cellular, it is becoming
a more valuable and widely accessible tool to defend against the growing threat landscape. Adding to this,
tools like TPM chips that prevent hardware tampering, along with zero touch provisioning capabilities, are
driving a wave of secure remote deployments that let anyone quickly set up a new site.

          The power of a “smart” management plane

          Establishing a separate network management plane to safeguard core data center operations has always
          been important for network management and security. But as trends like IoT, SD-WAN, remote work and
          edge computing ramp up, a separate connection with smart capabilities is becoming ever more critical.

          Organizations are now managing more geographically dispersed network nodes, which each present new
          vectors for actors to breach, as well as new vulnerabilities, software stacks and bugs to exploit. For network
          managers, this means the costs of downtime and truck rolls are rising, new security paradigms are needed
          for workers accessing files from anywhere and there are simply more vulnerabilities that need to be
          monitored over greater distances.

With so many complexities piling up, organizations can greatly benefit from automated or AI-powered tools
for crucial network functions like threat identification and recovery, low latency monitoring and provisioning,
and self-healing and management. These capabilities and more can easily be achieved on a console server
or separate management plane that supports standard NetOps tools, such as Docker, Python, and Ansible.

          By providing these tools on a separate management plane, organizations can rapidly recover from outages
          from any location and gain a bird’s eye view into all devices on a network. So, if someone ever tries to upload
          a virus via a USB drive in a remote location in the boonies or sends an army of malware links to your interns,
          you’ll be right there to prevent or stop it, no matter where you are physically.



                   Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.